5.16.19

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-23	CVE-2022-27666	Out-of-bounds Write vulnerability in multiple products A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. local low complexity linux fedoraproject redhat netapp debian CWE-787	7.8
2022-03-18	CVE-2022-1011	Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). local low complexity linux fedoraproject redhat netapp debian oracle CWE-416	7.8
2022-03-10	CVE-2022-0516	A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. local low complexity linux fedoraproject debian redhat netapp	7.8
2022-03-04	CVE-2021-3743	An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. local low complexity linux fedoraproject netapp oracle	7.1
2022-03-03	CVE-2021-3640	A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. local high complexity linux debian fedoraproject canonical netapp	7.0
2022-02-16	CVE-2022-0617	NULL Pointer Dereference vulnerability in multiple products A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. local low complexity linux debian CWE-476	5.5
2022-01-18	CVE-2021-4083	Race Condition vulnerability in multiple products A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. local high complexity linux netapp debian oracle CWE-362	7.0
2021-06-08	CVE-2021-3564	A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. local low complexity linux fedoraproject debian	5.5
2021-05-26	CVE-2020-27815	A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. local low complexity linux debian netapp	7.8
2021-05-26	CVE-2020-25668	Improper Synchronization vulnerability in multiple products A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op. local high complexity linux debian netapp CWE-662	7.0